The number of people using the Internet and the World Wide Web (the Web) has increased substantially in recent years. Some Internet users gain access to the services of the Internet and the Web through user accounts provided by their employer or an educational institution. Others access the Internet from their home computers through accounts supplied by commercial Internet access providers such as America Online.TM., CompuServe.TM. or the like. In any event, these accounts provide only a minimal amount of security against intrusion. Typical account security includes merely a username and a password, typically both chosen by the user.
One of the disadvantages of these typical Internet access accounts is the vulnerability to invasion as a result of the poor security. For example, passwords can be cracked by password crack programs employing password cracking dictionaries or by brute force password guessing programs. Further, users are sometimes tricked into disclosing their account passwords. For example, individuals purporting to be support staff for a particular online service were able to convince subscribers to reveal their passwords.
Internet access providers generally charge an hourly or monthly fee for a user account. Due, at least in part, to the cost of such an account, many people are still without access to the Internet and the Web. In fact, these costs may be incentive enough for some people to break into user accounts to gain access to the Internet services such as chat and electronic mail (e-mail). Others apparently find pleasure in gaining access to another's account.
Based on the foregoing, it is desirable to provide more security for user accounts. Specifically, it is desirable to provide a mobile mechanism of physical security. Also, it would be desirable for the host system to associate user preferences and environment with the physical security mechanism, thereby making the preferences and environment available to the user upon establishing a user session by way of the physical security device.